[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gss branch, scram, updated. gss-1-0-2-28-gf5db405
|
From: |
Simon Josefsson |
|
Subject: |
[SCM] GNU gss branch, scram, updated. gss-1-0-2-28-gf5db405 |
|
Date: |
Wed, 15 Aug 2012 11:07:45 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gss".
http://git.savannah.gnu.org/cgit/gss.git/commit/?id=f5db405f5daf8082fc3ec0a058f542ff4e62e78f
The branch, scram has been updated
via f5db405f5daf8082fc3ec0a058f542ff4e62e78f (commit)
via 14ae46fa2eea93b3a5e79b17dbf0b4b410197a8a (commit)
from 28b3e80b9f4e6dc6015fd394c921c578fabed407 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f5db405f5daf8082fc3ec0a058f542ff4e62e78f
Author: Simon Josefsson <address@hidden>
Date: Wed Aug 15 12:38:55 2012 +0200
Improve accept cred stuff.
commit 14ae46fa2eea93b3a5e79b17dbf0b4b410197a8a
Author: Simon Josefsson <address@hidden>
Date: Wed Aug 15 11:29:56 2012 +0200
Sync with TP.
-----------------------------------------------------------------------
Summary of changes:
doc/gss.texi | 2 +
lib/meta.c | 4 +-
lib/scram/Makefile.am | 2 +-
lib/scram/{oid.c => cred.c} | 31 ++++--
lib/scram/protos.h | 14 +++
po/{pl.po.in => hr.po.in} | 150 +++++++++++++++---------------
src/gss-cli.c | 216 -------------------------------------------
src/gss-serv.c | 195 --------------------------------------
src/gss.c | 133 +++++++++++++++++++-------
src/gss.ggo | 2 +-
10 files changed, 215 insertions(+), 534 deletions(-)
copy lib/scram/{oid.c => cred.c} (62%)
copy po/{pl.po.in => hr.po.in} (59%)
delete mode 100644 src/gss-cli.c
delete mode 100644 src/gss-serv.c
diff --git a/doc/gss.texi b/doc/gss.texi
index 40de8c4..eb58a51 100644
--- a/doc/gss.texi
+++ b/doc/gss.texi
@@ -1600,6 +1600,8 @@ printed above.
@verbatim
$ gss -a -n address@hidden
+Importing name "address@hidden"...
+Acquiring credentials...
Input context token:
YIICIQYJKoZIhvcSAQICAQBuggIQMIICDKADAgEFoQMCAQ6iBwMFACAAAACjggEYYYIBFDCCARCgAwIBBaEXGxVpbnRlcm9wLmpvc2Vmc3Nvbi5vcmeiKDAmoAMCAQGhHzAdGwRob3N0GxVpbnRlcm9wLmpvc2Vmc3Nvbi5vcmejgcUwgcKgAwIBEqKBugSBt0zqTh6tBBKV2BwDjQg6H4abEaPshPa0o3tT/TH9U7BaSw/M9ugYYqpHAhOitVjcQidhG2FdSl1n3FOgDBufHHO+gHOW0Y1XHc2QtEdkg1xYF2J4iR1vNQB14kXDM78pogCsfvfLnjsEESKWoeKRGOYWPRx0ksLJDnl/e5tXecZTjhJ3hLrFNBEWRmpIOakTAPnL+Xzz6xcnLHMLLnhZ5VcHqtIMm5p9IDWsP0juIncJ6tO8hjMA2qSB2jCB16ADAgESooHPBIHMWSeRBgV80gh/6hNNMr00jTVwCs5TEAIkljvjOfyPmNBzIFWoG+Wj5ZKOBdizdi7vYbJ2s8b1iSsq/9YEZSqaTxul+5aNrclKoJ7J/IW4kTuMklHcQf/A16TeZFsm9TdfE+x8+PjbOBFtKYXT8ODT8LLicNNiDbWW0meY7lsktXAVpZiUds4wTZ1W5bOSEGY7+mxAWrAlTnNwNAt1J2MHZnfGJFJDLJZldXoyG8OwHyp4h1nBhgzC5BfAmL85QJVxxgVfiHhM5oT9mE1O
Context has been accepted. Final context token:
diff --git a/lib/meta.c b/lib/meta.c
index 4c819a9..df81739 100644
--- a/lib/meta.c
+++ b/lib/meta.c
@@ -79,8 +79,8 @@ static _gss_mech_api_desc _gss_mech_apis[] = {
NULL,
NULL,
NULL,
- NULL,
- NULL,
+ gss_scram_acquire_cred,
+ gss_scram_release_cred,
gss_scram_accept_sec_context,
gss_scram_delete_sec_context,
NULL,
diff --git a/lib/scram/Makefile.am b/lib/scram/Makefile.am
index 5f1e578..dd4d7b2 100644
--- a/lib/scram/Makefile.am
+++ b/lib/scram/Makefile.am
@@ -25,7 +25,7 @@ AM_CPPFLAGS = -I$(top_srcdir)/lib/gl \
noinst_LTLIBRARIES = libgss-scram.la
-libgss_scram_la_SOURCES = oid.c context.c
+libgss_scram_la_SOURCES = oid.c context.c cred.c
libgss_scram_la_SOURCES += tokens.h tokens.c
libgss_scram_la_SOURCES += printer.h printer.c
libgss_scram_la_SOURCES += validate.h validate.c
diff --git a/lib/scram/oid.c b/lib/scram/cred.c
similarity index 62%
copy from lib/scram/oid.c
copy to lib/scram/cred.c
index 6076e80..20f0f83 100644
--- a/lib/scram/oid.c
+++ b/lib/scram/cred.c
@@ -1,4 +1,4 @@
-/* scram/oid.c --- Definition of static SCRAM GSS-API OIDs.
+/* scram/cred.c --- Implementation of SCRAM GSS Credential functions.
* Copyright (C) 2012 Simon Josefsson
*
* This file is part of the Generic Security Service (GSS).
@@ -20,16 +20,25 @@
*
*/
-/* Get specification. */
#include "internal.h"
+#include "protos.h"
-/*
- * https://www.iana.org/assignments/smi-numbers
- * Prefix: iso.org.dod.internet.security.mechanisms (1.3.6.1.5.5)
- * 14 scramsha1 SCRAM-SHA-1 [RFC5802]
- */
-gss_OID_desc GSS_SCRAMSHA1_static = {
- 6, (void *) "\x2b\x06\x01\x05\x05\x0e"
-};
+OM_uint32
+gss_scram_acquire_cred (OM_uint32 * minor_status,
+ const gss_name_t desired_name,
+ OM_uint32 time_req,
+ const gss_OID_set desired_mechs,
+ gss_cred_usage_t cred_usage,
+ gss_cred_id_t * output_cred_handle,
+ gss_OID_set * actual_mechs,
+ OM_uint32 * time_rec)
+{
+ return GSS_S_COMPLETE;
+}
-gss_OID GSS_SCRAMSHA1 = &GSS_SCRAMSHA1_static;
+OM_uint32
+gss_scram_release_cred (OM_uint32 * minor_status,
+ gss_cred_id_t * cred_handle)
+{
+ return GSS_S_COMPLETE;
+}
diff --git a/lib/scram/protos.h b/lib/scram/protos.h
index 8e97707..b2ff740 100644
--- a/lib/scram/protos.h
+++ b/lib/scram/protos.h
@@ -57,4 +57,18 @@ gss_scram_delete_sec_context (OM_uint32 * minor_status,
gss_ctx_id_t * context_handle,
gss_buffer_t output_token);
+/* cred.c */
+extern OM_uint32
+gss_scram_acquire_cred (OM_uint32 * minor_status,
+ const gss_name_t desired_name,
+ OM_uint32 time_req,
+ const gss_OID_set desired_mechs,
+ gss_cred_usage_t cred_usage,
+ gss_cred_id_t * output_cred_handle,
+ gss_OID_set * actual_mechs, OM_uint32 * time_rec);
+
+extern OM_uint32
+gss_scram_release_cred (OM_uint32 * minor_status, gss_cred_id_t * cred_handle);
+
+
#endif /* GSS_SCRAM_PROTOS_H */
diff --git a/po/pl.po.in b/po/hr.po.in
similarity index 59%
copy from po/pl.po.in
copy to po/hr.po.in
index 50efcda..fa31938 100644
--- a/po/pl.po.in
+++ b/po/hr.po.in
@@ -1,229 +1,232 @@
-# Polish translation for gss.
-# Copyright (C) 2004, 2010 Free Software Foundation, Inc.
+# Translation of gss to Croatian.
+# Copyright (C) 2012 Free Software Foundation, Inc.
# This file is distributed under the same license as the gss package.
-# Jakub Bogusz <address@hidden>, 2004-2010.
#
+# Tomislav Krznar <address@hidden>, 2012.
msgid ""
msgstr ""
"Project-Id-Version: gss 1.0.1\n"
"Report-Msgid-Bugs-To: address@hidden"
"POT-Creation-Date: 2010-05-20 15:38+0200\n"
-"PO-Revision-Date: 2010-11-16 21:01+0100\n"
-"Last-Translator: Jakub Bogusz <address@hidden>\n"
-"Language-Team: Polish <address@hidden>\n"
+"PO-Revision-Date: 2012-07-31 00:27+0200\n"
+"Last-Translator: Tomislav Krznar <address@hidden>\n"
+"Language-Team: Croatian <address@hidden>\n"
+"Language: hr\n"
"MIME-Version: 1.0\n"
-"Content-Type: text/plain; charset=ISO-8859-2\n"
+"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 &&
n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
+"X-Generator: Lokalize 1.4\n"
#: lib/meta.c:37
msgid "Kerberos V5 GSS-API mechanism"
-msgstr "Mechanizm Kerberos V5 GSS-API"
+msgstr "Kerberos V5 GSS-API mehanizam"
#: lib/error.c:37
msgid "A required input parameter could not be read"
-msgstr "Wymagany parametr wej¶ciowy nie móg³ byæ odczytany"
+msgstr "Ne mogu Äitati potreban ulazni parametar"
#: lib/error.c:39
msgid "A required output parameter could not be written"
-msgstr "Wymagany parametr wyj¶ciowy nie móg³ byæ zapisany"
+msgstr "Ne mogu pisati potreban izlazni parametar"
#: lib/error.c:41
msgid "A parameter was malformed"
-msgstr "Parametr by³ ¼le sformu³owany"
+msgstr "Parametar je izobliÄen"
#: lib/error.c:46
msgid "An unsupported mechanism was requested"
-msgstr "¯±dano nieobs³ugiwanego mechanizmu"
+msgstr "Tražen je nepodržani mehanizam"
#: lib/error.c:48
msgid "An invalid name was supplied"
-msgstr "Podano b³êdn± nazwê"
+msgstr "Navedeno je neispravno ime"
#: lib/error.c:50
msgid "A supplied name was of an unsupported type"
-msgstr "Podana nazwa by³a nieobs³ugiwanego typu"
+msgstr "Vrsta navedenog imena nije podržana"
#: lib/error.c:52
msgid "Incorrect channel bindings were supplied"
-msgstr "Podano niepoprawne powi±zania kana³u"
+msgstr "Navedene su netoÄne veze kanala"
#: lib/error.c:54
msgid "An invalid status code was supplied"
-msgstr "Podano b³êdny kod stanu"
+msgstr "Naveden je neispravan kod stanja"
#: lib/error.c:56
msgid "A token had an invalid MIC"
-msgstr "Token mia³ b³êdny MIC"
+msgstr "Simbol ima neispravan MIC"
#: lib/error.c:58
msgid "No credentials were supplied, or the credentials were unavailable or
inaccessible"
-msgstr "Nie podano danych uwierzytelniaj±cych lub by³y niedostêpne"
+msgstr "Nisu navedene vjerodajnice, nedostupne su ili im nije moguÄ pristup"
#: lib/error.c:61
msgid "No context has been established"
-msgstr "Nie ustalono kontekstu"
+msgstr "Nije izgraÄen kontekst"
#: lib/error.c:63
msgid "A token was invalid"
-msgstr "Token by³ b³êdny"
+msgstr "Simbol je neispravan"
#: lib/error.c:65
msgid "A credential was invalid"
-msgstr "Dane uwierzytelniaj±ce by³y niepoprawne"
+msgstr "Vjerodajnica je neispravna"
#: lib/error.c:67
msgid "The referenced credentials have expired"
-msgstr "Wskazane dane uwierzytelniaj±ce wygas³y"
+msgstr "Navedene vjerodajnice su istekle"
#: lib/error.c:69
msgid "The context has expired"
-msgstr "Kontekst wygas³"
+msgstr "Kontekst je istekao"
#: lib/error.c:71
msgid "Unspecified error in underlying mechanism"
-msgstr "Nieokre¶lony b³±d w podrzêdnym mechanizmie"
+msgstr "NeodreÄena greÅ¡ka u pozadinskom mehanizmu"
#: lib/error.c:73
msgid "The quality-of-protection requested could not be provided"
-msgstr "¯±dana jako¶æ zabezpieczenia nie mog³a byæ zapewniona"
+msgstr "Ne može se pružiti tražena kvaliteta zaštite
(quality-of-protection)"
#: lib/error.c:75
msgid "The operation is forbidden by local security policy"
-msgstr "Operacja jest zabroniona przez lokaln± politykê bezpieczeñstwa"
+msgstr "Lokalna sigurnosna pravila zabranjuju operaciju"
#: lib/error.c:77
msgid "The operation or option is unavailable"
-msgstr "Operacja lub opcja jest niedostêpna"
+msgstr "Operacija ili opcija nije dostupna"
#: lib/error.c:79
msgid "The requested credential element already exists"
-msgstr "¯±dany element danych uwierzytelniaj±cych ju¿ istnieje"
+msgstr "Traženi element vjerodajnice veÄ postoji"
#: lib/error.c:81
msgid "The provided name was not a mechanism name"
-msgstr "Dostarczona nazwa nie by³a nazw± mechanizmu"
+msgstr "Navedeno ime nije ime mehanizma"
#: lib/error.c:86
msgid "The gss_init_sec_context() or gss_accept_sec_context() function must be
called again to complete its function"
-msgstr "Funkcja gss_init_sec_context() lub gss_accept_sec_context() musi byæ
wywo³ana ponownie aby dokoñczyæ funkcjê"
+msgstr "Potrebno je ponovo pozvati funkciju gss_init_sec_context() ili
gss_accept_sec_context() za završetak djelovanja"
#: lib/error.c:89
msgid "The token was a duplicate of an earlier token"
-msgstr "Token by³ duplikatem wcze¶niejszego"
+msgstr "Simbol je duplikat prethodnog simbola"
#: lib/error.c:91
msgid "The token's validity period has expired"
-msgstr "Okres poprawno¶ci tokenu min±³"
+msgstr "Rok trajanja simbola je istekao"
#: lib/error.c:93
msgid "A later token has already been processed"
-msgstr "Pó¼niejszy token by³ ju¿ przetworzony"
+msgstr "Noviji simbol je veÄ obraÄen"
#: lib/error.c:95
msgid "An expected per-message token was not received"
-msgstr "Nie otrzymano oczekiwanego tokenu dla komunikatu"
+msgstr "OÄekivani simbol poruke nije primljen"
#: lib/error.c:312
msgid "No error"
-msgstr "Brak b³êdu"
+msgstr "Nema greške"
#: lib/krb5/error.c:36
msgid "No @ in SERVICE-NAME name string"
-msgstr "Brak @ w ³añcuchu nazwy SERVICE-NAME"
+msgstr "Nedostaje @ u nizu SERVICE-NAME"
#: lib/krb5/error.c:38
msgid "STRING-UID-NAME contains nondigits"
-msgstr "STRING-UID-NAME zawiera znaki nie bêd±ce cyframi"
+msgstr "STRING-UID-NAME sadrži znakove koji nisu znamenke"
#: lib/krb5/error.c:40
msgid "UID does not resolve to username"
-msgstr "UID nie rozwi±zuje siê na nazwê u¿ytkownika"
+msgstr "UID se ne može povezati s korisniÄkim imenom"
#: lib/krb5/error.c:42
msgid "Validation error"
-msgstr "B³±d kontroli poprawno¶ci"
+msgstr "Greška provjere valjanosti"
#: lib/krb5/error.c:44
msgid "Couldn't allocate gss_buffer_t data"
-msgstr "Nie mo¿na przydzieliæ danych gss_buffer_t"
+msgstr "Ne mogu alocirati gss_buffer_t podatke"
#: lib/krb5/error.c:46
msgid "Message context invalid"
-msgstr "B³êdny kontekst komunikatu"
+msgstr "Kontekst poruke neispravan"
#: lib/krb5/error.c:48
msgid "Buffer is the wrong size"
-msgstr "Z³y rozmiar bufora"
+msgstr "MeÄuspremnik ima neispravnu veliÄinu"
#: lib/krb5/error.c:50
msgid "Credential usage type is unknown"
-msgstr "Nieznany sposób u¿ycia danych uwierzytelniaj±cych"
+msgstr "Vrsta korištenja vjerodajnice je nepoznata"
#: lib/krb5/error.c:52
msgid "Unknown quality of protection specified"
-msgstr "Podano nieznan± jako¶ zabezpieczenia"
+msgstr "Navedena je nepoznata kvaliteta zaštite"
#: lib/krb5/error.c:55
msgid "Principal in credential cache does not match desired name"
-msgstr "Zarz±dca w buforze danych uwierzytelniaj±cych nie pasuje do ¿±danej
nazwy"
+msgstr "Upravitelj u spremniku vjerodajnica ne odgovara željenom imenu"
#: lib/krb5/error.c:57
msgid "No principal in keytab matches desired name"
-msgstr "¯aden zarz±dca w keytab nie pasuje do ¿±danej nazwy"
+msgstr "Nijedan upravitelj u tablici kljuÄeva ne odgovara željenom imenu"
#: lib/krb5/error.c:59
msgid "Credential cache has no TGT"
-msgstr "Bufor danych uwierzytelniaj±cych nie zawiera TGT"
+msgstr "Spremnik vjerodajnica nema TGT"
#: lib/krb5/error.c:61
msgid "Authenticator has no subkey"
-msgstr "Authenticator nie ma pola subkey"
+msgstr "Ovjeritelj nema podkljuÄ"
#: lib/krb5/error.c:63
msgid "Context is already fully established"
-msgstr "Kontekst ju¿ zosta³ w pe³ni ustalony"
+msgstr "Kontekst je veÄ u potpunosti izgraÄen"
#: lib/krb5/error.c:65
msgid "Unknown signature type in token"
-msgstr "Nieznany rodzaj sygnatury w tokenie"
+msgstr "Nepoznata vrsta potpisa u simbolu"
#: lib/krb5/error.c:67
msgid "Invalid field length in token"
-msgstr "B³êdna d³ugo¶æ pola w tokenie"
+msgstr "Neispravna duljina polja u simbolu"
#: lib/krb5/error.c:69
msgid "Attempt to use incomplete security context"
-msgstr "Próba u¿ycia niepe³nego kontekstu bezpieczeñstwa"
+msgstr "Pokušaj korištenja nepotpunog sigurnosnog konteksta"
#: lib/krb5/error.c:86
msgid "No krb5 error"
-msgstr "Brak b³êdu krb5"
+msgstr "Nema krb5 greške"
#: lib/krb5/error.c:127
msgid "Unknown krb5 error"
-msgstr "Nieznany b³±d krb5"
+msgstr "Nepoznata krb5 greška"
#: src/gss.c:65
#, c-format
msgid "Try `%s --help' for more information.\n"
-msgstr "`%s --help' poda wiêcej informacji.\n"
+msgstr "PokuÅ¡ajte â%s --helpâ za viÅ¡e informacija.\n"
#: src/gss.c:69
#, c-format
msgid "Usage: %s OPTIONS...\n"
-msgstr "Sk³adnia: %s OPCJE...\n"
+msgstr "Uporaba: %s OPCIJE...\n"
#: src/gss.c:72
msgid ""
"Command line interface to GSS, used to explain error codes.\n"
"\n"
msgstr ""
-"Interfejs linii poleceñ do GSS s³u¿±cy do wyja¶niania kodów b³êdów.\n"
+"SuÄelje naredbenog retka prema GSS-u, koriÅ¡teno za pojaÅ¡njavanje kodova
grešaka.\n"
"\n"
#: src/gss.c:76
msgid "Mandatory arguments to long options are mandatory for short options
too.\n"
-msgstr "Argumenty obowi±zkowe dla opcji d³ugich s± obowi±zkowe tak¿e dla opcji
krótkich.\n"
+msgstr "Obavezni argumenti dugaÄkih opcija takoÄer su obavezni i za kratke
opcije.\n"
#: src/gss.c:79
msgid ""
@@ -234,16 +237,17 @@ msgid ""
" in a human readable format.\n"
" -m, --major=LONG Describe a `major status' error code value.\n"
msgstr ""
-" -h, --help Wypisanie tego opisu i zakoñczenie\n"
-" -V, --version Wypisanie numeru wersji i zakoñczenie\n"
+" -h, --help IspiÅ¡i pomoÄ i izaÄi.\n"
+" -V, --version IspiÅ¡i inaÄicu i izaÄi.\n"
" -l, --list-mechanisms\n"
-" Informacje o obs³ugiwanych mechanizmach\n"
-" w postaci czytelnej dla cz³owieka\n"
-" -m, --major=LONG Opis \"g³ównego\" kodu b³êdu w postaci tekstowej\n"
+" Ispiši informacije o podržanim mehanizmima\n"
+" u ljudima Äitljivom obliku.\n"
+" -m, --major=DUG Opiši vrijednost koda greške glavnog stanja\n"
+" (âmajor statusâ).\n"
#: src/gss.c:87
msgid " -q, --quiet Silent operation (default=off).\n"
-msgstr " -q, --quiet Dzia³anie bez komunikatów (domy¶lnie wy³±czone)\n"
+msgstr " -q, --quiet Tih rad (poÄetna vrijednost âoffâ).\n"
#: src/gss.c:106
#, c-format
@@ -251,7 +255,7 @@ msgid ""
"GSS-API major status code %ld (0x%lx).\n"
"\n"
msgstr ""
-"G³ówny kod stanu GSS-API %ld (0x%lx).\n"
+"GSS-API kod glavnog stanja %ld (0x%lx).\n"
"\n"
#: src/gss.c:109
@@ -264,7 +268,7 @@ msgid ""
msgstr ""
" MSB LSB\n"
" +-----------------+-----------------+---------------------------------+\n"
-" | B³±d wywo³ania | B³±d procedury | Dodatkowe informacje |\n"
+" |Greška pozivanja | Greška rutine | Dodatne informacije
|\n"
" | "
#: src/gss.c:123
@@ -283,34 +287,34 @@ msgstr ""
#: src/gss.c:133
#, c-format
msgid "Masked routine error %ld (0x%lx) shifted into %ld (0x%lx):\n"
-msgstr "Maskowany b³±d procedury %ld (0x%lx) przesuniêty do %ld (0x%lx):\n"
+msgstr "Maskirana greška rutine %ld (0x%lx) pomaknuta u %ld (0x%lx):\n"
#: src/gss.c:150 src/gss.c:184 src/gss.c:221
#, c-format
msgid "displaying status code failed (%d)"
-msgstr "wy¶wietlenie kodu stanu nie powiod³o siê (%d)"
+msgstr "prikaz koda stanja nije uspio (%d)"
#: src/gss.c:170
#, c-format
msgid "Masked calling error %ld (0x%lx) shifted into %ld (0x%lx):\n"
-msgstr "Maskowany b³±d wywo³ania %ld (0x%lx) przesuniêty do %ld (0x%lx):\n"
+msgstr "Maskirana greška pozivanja %ld (0x%lx) pomaknuta u %ld (0x%lx):\n"
#: src/gss.c:203
#, c-format
msgid "Masked supplementary info %ld (0x%lx) shifted into %ld (0x%lx):\n"
-msgstr "Maskowane dodatkowe informacje %ld (0x%lx) przesuniête do %ld
(0x%lx):\n"
+msgstr "Maskirane dodatne informacije %ld (0x%lx) pomaknute u %ld (0x%lx):\n"
#: src/gss.c:238
#, c-format
msgid "No error\n"
-msgstr "Brak b³êdu\n"
+msgstr "Nema greške\n"
#: src/gss.c:256
#, c-format
msgid "indicating mechanisms failed (%d)"
-msgstr "okre¶lanie mechanizmów nie powiod³o siê (%d)"
+msgstr "prikazivanje mehanizama nije uspjelo (%d)"
#: src/gss.c:271
#, c-format
msgid "inquiring information about mechanism failed (%d)"
-msgstr "pobieranie informacji o mechanizmach nie powiod³o siê (%d)"
+msgstr "traženje informacija o mehanizmu nije uspjelo (%d)"
diff --git a/src/gss-cli.c b/src/gss-cli.c
deleted file mode 100644
index 97a41ca..0000000
--- a/src/gss-cli.c
+++ /dev/null
@@ -1,216 +0,0 @@
-/* gss-cli.c --- GSS client.
- * Copyright (C) 2004-2012 Simon Josefsson
- *
- * This file is part of the Generic Security Service (GSS).
- *
- * GSS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GSS is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
- * License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GSS; if not, see http://www.gnu.org/licenses or write to
- * the Free Software Foundation, Inc., 51 Franklin Street, Fifth
- * Floor, Boston, MA 02110-1301, USA.
- *
- */
-
-#include "config.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-/* For gettext. */
-#include <locale.h>
-#include <gettext.h>
-#define _(String) gettext (String)
-
-/* Get GSS header. */
-#include <gss.h>
-
-/* Command line parameter parser via gengetopt. */
-#include "gss_cli_cmd.h"
-
-/* Gnulib utils. */
-#include "base64.h"
-#include "error.h"
-#include "progname.h"
-#include "version-etc.h"
-
-const char version_etc_copyright[] =
- /* Do *not* mark this string for translation. %s is a copyright
- symbol suitable for this locale, and %d is the copyright
- year. */
- "Copyright %s %d Simon Josefsson.";
-
-/* This feature is available in gcc versions 2.5 and later. */
-#if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 5)
-# define GSS_ATTR_NO_RETRUN
-#else
-# define GSS_ATTR_NO_RETRUN __attribute__ ((__noreturn__))
-#endif
-
-static void
-usage (int status)
- GSS_ATTR_NO_RETRUN;
-
- static void usage (int status)
-{
- if (status != EXIT_SUCCESS)
- fprintf (stderr, _("Try `%s --help' for more information.\n"),
- program_name);
- else
- {
- printf (_("\
-Usage: %s OPTIONS...\n\
-"), program_name);
- fputs (_("\
-Generic Security Service test client.\n\
-\n\
-"), stdout);
- fputs (_("\
-Mandatory arguments to long options are mandatory for short options too.\n\
-"), stdout);
- fputs (_("\
- -h, --help Print help and exit.\n\
- -V, --version Print version and exit.\n\
- -m, --mechanism=MECH\n\
- MECH is the SASL name of mechanism, use\n\
- 'gss -l' to list supported mechanisms.\n\
-"), stdout);
- fputs (_("\
- -q, --quiet Silent operation (default=off).\n\
-"), stdout);
- emit_bug_reporting_address ();
- }
- exit (status);
-}
-
-static ssize_t
-gettrimline (char **line, size_t * n, FILE * fh)
-{
- ssize_t s = getline (line, n, fh);
-
- if (s >= 2)
- {
- if ((*line)[strlen (*line) - 1] == '\n')
- (*line)[strlen (*line) - 1] = '\0';
- if ((*line)[strlen (*line) - 1] == '\r')
- (*line)[strlen (*line) - 1] = '\0';
- }
-
- return s;
-}
-
-static int
-init_sec_context (unsigned quiet, const char *mech)
-{
- OM_uint32 maj, min;
- gss_ctx_id_t ctx = GSS_C_NO_CONTEXT;
- gss_name_t servername = GSS_C_NO_NAME;
- gss_buffer_desc inbuf_desc;
- gss_buffer_t inbuf = GSS_C_NO_BUFFER;
- gss_buffer_desc bufdesc;
- gss_buffer_desc sasl_mech_name;
- gss_OID mech_type;
- size_t outlen;
- char *out;
- ssize_t s;
- char *line = NULL;
- size_t n = 0;
- bool ok;
-
- sasl_mech_name.length = strlen (mech);
- sasl_mech_name.value = (void*) mech;
-
- maj = gss_inquire_mech_for_saslname (&min, &sasl_mech_name, &mech_type);
- if (GSS_ERROR (maj))
- error (EXIT_FAILURE, 0,
- _("inquiring mechanism for SASL name (%d/%d)"), maj, min);
-
- do
- {
- maj = gss_init_sec_context (&min,
- GSS_C_NO_CREDENTIAL,
- &ctx,
- servername,
- mech_type,
- GSS_C_MUTUAL_FLAG |
- GSS_C_REPLAY_FLAG |
- GSS_C_SEQUENCE_FLAG,
- 0,
- GSS_C_NO_CHANNEL_BINDINGS,
- inbuf, NULL,
- &bufdesc, NULL, NULL);
- if (GSS_ERROR (maj))
- error (EXIT_FAILURE, 0,
- _("initializing security context failed (%d/%d)"), maj, min);
-
- outlen = base64_encode_alloc (bufdesc.value, bufdesc.length, &out);
- if (out == NULL && outlen == 0 && bufdesc.length != 0)
- error (EXIT_FAILURE, 0, _("base64 input too long"));
- if (out == NULL)
- error (EXIT_FAILURE, errno, _("malloc"));
-
- printf ("%s\n", out);
-
- free (out);
-
- if (maj == GSS_S_COMPLETE)
- break;
-
- s = gettrimline (&line, &n, stdin);
- if (s == -1 && !feof (stdin))
- error (EXIT_FAILURE, errno, _("getline"));
- if (s == -1)
- error (EXIT_FAILURE, 0, _("EOF"));
-
- ok = base64_decode_alloc (line, strlen (line), &out, &outlen);
- if (!ok)
- error (EXIT_FAILURE, 0, _("base64 fail"));
- if (out == NULL)
- error (EXIT_FAILURE, errno, _("malloc"));
-
- inbuf_desc.value = out;
- inbuf_desc.length = outlen;
- inbuf = &inbuf_desc;
- }
- while (maj == GSS_S_CONTINUE_NEEDED);
-
- return 0;
-}
-
-int
-main (int argc, char *argv[])
-{
- struct gengetopt_args_info args;
-
- setlocale (LC_ALL, "");
- set_program_name (argv[0]);
- bindtextdomain (PACKAGE, LOCALEDIR);
- textdomain (PACKAGE);
-
- if (cmdline_parser (argc, argv, &args) != 0)
- return 1;
-
- if (args.version_given)
- {
- version_etc (stdout, "gss-cli", PACKAGE_NAME, VERSION,
- "Simon Josefsson", (char *) NULL);
- return EXIT_SUCCESS;
- }
-
- if (args.help_given || !args.mechanism_arg)
- usage (EXIT_SUCCESS);
-
- init_sec_context (args.quiet_given, args.mechanism_arg);
-
- return 0;
-}
diff --git a/src/gss-serv.c b/src/gss-serv.c
deleted file mode 100644
index 986c24c..0000000
--- a/src/gss-serv.c
+++ /dev/null
@@ -1,195 +0,0 @@
-/* gss-serv.c --- GSS server.
- * Copyright (C) 2004-2012 Simon Josefsson
- *
- * This file is part of the Generic Security Service (GSS).
- *
- * GSS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GSS is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
- * License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GSS; if not, see http://www.gnu.org/licenses or write to
- * the Free Software Foundation, Inc., 51 Franklin Street, Fifth
- * Floor, Boston, MA 02110-1301, USA.
- *
- */
-
-#include "config.h"
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-
-/* For gettext. */
-#include <locale.h>
-#include <gettext.h>
-#define _(String) gettext (String)
-
-/* Get GSS header. */
-#include <gss.h>
-
-/* Command line parameter parser via gengetopt. */
-#include "gss_serv_cmd.h"
-
-/* Gnulib utils. */
-#include "base64.h"
-#include "error.h"
-#include "progname.h"
-#include "version-etc.h"
-
-const char version_etc_copyright[] =
- /* Do *not* mark this string for translation. %s is a copyright
- symbol suitable for this locale, and %d is the copyright
- year. */
- "Copyright %s %d Simon Josefsson.";
-
-/* This feature is available in gcc versions 2.5 and later. */
-#if __GNUC__ < 2 || (__GNUC__ == 2 && __GNUC_MINOR__ < 5)
-# define GSS_ATTR_NO_RETRUN
-#else
-# define GSS_ATTR_NO_RETRUN __attribute__ ((__noreturn__))
-#endif
-
-static void
-usage (int status)
- GSS_ATTR_NO_RETRUN;
-
- static void usage (int status)
-{
- if (status != EXIT_SUCCESS)
- fprintf (stderr, _("Try `%s --help' for more information.\n"),
- program_name);
- else
- {
- printf (_("\
-Usage: %s OPTIONS...\n\
-"), program_name);
- fputs (_("\
-Generic Security Service test server.\n\
-\n\
-"), stdout);
- fputs (_("\
-Mandatory arguments to long options are mandatory for short options too.\n\
-"), stdout);
- fputs (_("\
- -h, --help Print help and exit.\n\
- -V, --version Print version and exit.\n\
-"), stdout);
- fputs (_("\
- -q, --quiet Silent operation (default=off).\n\
-"), stdout);
- emit_bug_reporting_address ();
- }
- exit (status);
-}
-
-static ssize_t
-gettrimline (char **line, size_t * n, FILE * fh)
-{
- ssize_t s = getline (line, n, fh);
-
- if (s >= 2)
- {
- if ((*line)[strlen (*line) - 1] == '\n')
- (*line)[strlen (*line) - 1] = '\0';
- if ((*line)[strlen (*line) - 1] == '\r')
- (*line)[strlen (*line) - 1] = '\0';
- }
-
- return s;
-}
-
-static int
-accept_sec_context (unsigned quiet)
-{
- OM_uint32 maj, min;
- gss_ctx_id_t ctx = GSS_C_NO_CONTEXT;
- gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
- gss_name_t client = GSS_C_NO_NAME;
- gss_buffer_desc bufdesc, bufdesc2;
- gss_OID mech_type;
- char *out;
- size_t outlen;
- ssize_t s;
- char *line = NULL;
- size_t n = 0;
- bool ok;
-
- do
- {
- s = gettrimline (&line, &n, stdin);
- if (s == -1 && !feof (stdin))
- error (EXIT_FAILURE, errno, _("getline"));
- if (s == -1)
- error (EXIT_FAILURE, 0, _("EOF"));
-
- ok = base64_decode_alloc (line, strlen (line), &out, &outlen);
- if (!ok)
- error (EXIT_FAILURE, 0, _("base64 fail"));
- if (out == NULL)
- error (EXIT_FAILURE, errno, _("malloc"));
-
- bufdesc.value = out;
- bufdesc.length = outlen;
-
- maj = gss_accept_sec_context (&min,
- &ctx,
- cred,
- &bufdesc,
- GSS_C_NO_CHANNEL_BINDINGS,
- &client,
- &mech_type,
- &bufdesc2, NULL, NULL, NULL);
- if (GSS_ERROR (maj))
- error (EXIT_FAILURE, 0,
- _("accepting security context failed (%d/%d)"), maj, min);
-
- outlen = base64_encode_alloc (bufdesc2.value, bufdesc2.length, &out);
- if (out == NULL && outlen == 0 && bufdesc2.length != 0)
- error (EXIT_FAILURE, 0, _("base64 input too long"));
- if (out == NULL)
- error (EXIT_FAILURE, errno, _("malloc"));
-
- printf ("%s\n", out);
-
- free (out);
- }
- while (maj == GSS_S_CONTINUE_NEEDED);
-
- return 0;
-}
-
-int
-main (int argc, char *argv[])
-{
- struct gengetopt_args_info args;
-
- setlocale (LC_ALL, "");
- set_program_name (argv[0]);
- bindtextdomain (PACKAGE, LOCALEDIR);
- textdomain (PACKAGE);
-
- if (cmdline_parser (argc, argv, &args) != 0)
- return 1;
-
- if (args.version_given)
- {
- version_etc (stdout, "gss", PACKAGE_NAME, VERSION,
- "Simon Josefsson", (char *) NULL);
- return EXIT_SUCCESS;
- }
-
- if (args.help_given)
- usage (EXIT_SUCCESS);
-
- accept_sec_context (args.quiet_given);
-
- return 0;
-}
diff --git a/src/gss.c b/src/gss.c
index 02b9289..ad5aba9 100644
--- a/src/gss.c
+++ b/src/gss.c
@@ -87,14 +87,17 @@ Mandatory arguments to long options are mandatory for short
options too.\n\
-m, --major=LONG Describe a `major status' error code value.\n\
"), stdout);
fputs (_("\
- -a, --accept-sec-context\n\
+ -a, --accept-sec-context[=MECH]\n\
Accept a security context as server.\n\
+ If MECH is not specified, no credentials\n\
+ will be acquired. Use \"*\" to use library\n\
+ default mechanism.\n\
-i, --init-sec-context=MECH\n\
Initialize a security context as client.\n\
MECH is the SASL name of mechanism, use -l\n\
to list supported mechanisms.\n\
-n, address@hidden
- For -i, set the name of the remote host.\n\
+ For -i and -a, set the name of the remote host.\n\
For example, \"address@hidden".\n\
"), stdout);
fputs (_("\
@@ -116,8 +119,7 @@ describe_major (unsigned int quiet, long major)
if (!quiet)
{
- printf (_("GSS-API major status code %ld (0x%lx).\n\n"),
- major, major);
+ printf (_("GSS-API major status code %ld (0x%lx).\n\n"), major, major);
printf (_(" MSB "
" LSB\n"
@@ -149,8 +151,7 @@ describe_major (unsigned int quiet, long major)
GSS_ROUTINE_ERROR (major),
GSS_ROUTINE_ERROR (major) >>
GSS_C_ROUTINE_ERROR_OFFSET,
- GSS_ROUTINE_ERROR (major) >>
- GSS_C_ROUTINE_ERROR_OFFSET);
+ GSS_ROUTINE_ERROR (major) >> GSS_C_ROUTINE_ERROR_OFFSET);
message_context = 0;
do
@@ -219,8 +220,7 @@ describe_major (unsigned int quiet, long major)
GSS_SUPPLEMENTARY_INFO (major),
GSS_SUPPLEMENTARY_INFO (major) >>
GSS_C_SUPPLEMENTARY_OFFSET,
- GSS_SUPPLEMENTARY_INFO (major) >>
- GSS_C_SUPPLEMENTARY_OFFSET);
+ GSS_SUPPLEMENTARY_INFO (major) >> GSS_C_SUPPLEMENTARY_OFFSET);
message_context = 0;
do
@@ -270,7 +270,8 @@ list_mechanisms (unsigned quiet)
return 1;
}
- printf ("Found %lu supported mechanisms.\n", (unsigned long)
mech_set->count);
+ printf ("Found %lu supported mechanisms.\n",
+ (unsigned long) mech_set->count);
for (i = 0; i < mech_set->count; i++)
{
@@ -333,7 +334,7 @@ init_sec_context (unsigned quiet, const char *mech, const
char *server)
OM_uint32 ret_flags;
sasl_mech_name.length = strlen (mech);
- sasl_mech_name.value = (void*) mech;
+ sasl_mech_name.value = (void *) mech;
maj = gss_inquire_mech_for_saslname (&min, &sasl_mech_name, &mech_type);
if (GSS_ERROR (maj))
@@ -345,7 +346,7 @@ init_sec_context (unsigned quiet, const char *mech, const
char *server)
gss_buffer_desc namebuf;
namebuf.length = strlen (server);
- namebuf.value = (void*) server;
+ namebuf.value = (void *) server;
maj = gss_import_name (&min, &namebuf, GSS_C_NT_HOSTBASED_SERVICE,
&servername);
@@ -367,9 +368,7 @@ init_sec_context (unsigned quiet, const char *mech, const
char *server)
GSS_C_SEQUENCE_FLAG,
0,
GSS_C_NO_CHANNEL_BINDINGS,
- inbuf, NULL,
- &bufdesc,
- &ret_flags, NULL);
+ inbuf, NULL, &bufdesc, &ret_flags, NULL);
if (GSS_ERROR (maj))
error (EXIT_FAILURE, 0,
_("initializing security context failed (%d/%d)"), maj, min);
@@ -425,15 +424,14 @@ init_sec_context (unsigned quiet, const char *mech, const
char *server)
}
static int
-accept_sec_context (unsigned quiet, const char *server)
+accept_sec_context (unsigned quiet, const char *mech, const char *server)
{
OM_uint32 maj, min;
gss_ctx_id_t ctx = GSS_C_NO_CONTEXT;
- gss_name_t servername = GSS_C_NO_NAME;
gss_cred_id_t cred = GSS_C_NO_CREDENTIAL;
gss_name_t client = GSS_C_NO_NAME;
gss_buffer_desc bufdesc, bufdesc2;
- gss_OID mech_type;
+ gss_OID mech_type = GSS_C_NO_OID;
char *out;
size_t outlen;
ssize_t s;
@@ -442,27 +440,92 @@ accept_sec_context (unsigned quiet, const char *server)
bool ok;
OM_uint32 ret_flags;
- if (server)
+ /*
+ We support these variants:
+
+ 1) No call to gss_acquire_cred at all. This happens if mech=NULL
+ and server=NULL.
+
+ 2) Call to gss_acquire_cred with desired_mechs=GSS_C_NULL_OID_SET
+ and desired_name=GSS_C_NO_NAME. This happens if mech="*" (the
+ string) and server=NULL.
+
+ 3) Call to gss_acquire_cred with desired_mechs=GSS_C_NULL_OID_SET
+ and desired_name=server. This happens if mech=NULL or mech="*"
+ (the string) and server!=NULL.
+
+ 4) Call to gss_acquire_cred with desired_mechs=mech and
+ desired_name=GSS_C_NO_NAME. This happens if mech is a valid
+ SASL-name and server=NULL.
+
+ 5) Call to gss_acquire_cred with desired_mechs=mech and
+ desired_name=server. This happens if mech is a valid SASL-name
+ and server!=NULL.
+ */
+
+ if (mech || server)
{
- gss_buffer_desc namebuf;
+ gss_name_t servername = GSS_C_NO_NAME;
+ gss_OID_set mech_types = GSS_C_NULL_OID_SET;
- namebuf.length = strlen (server);
- namebuf.value = (void*) server;
+ if (mech && strcmp (mech, "*") != 0)
+ {
+ gss_buffer_desc sasl_mech_name;
- maj = gss_import_name (&min, &namebuf, GSS_C_NT_HOSTBASED_SERVICE,
- &servername);
+ sasl_mech_name.length = strlen (mech);
+ sasl_mech_name.value = (void *) mech;
+
+ printf ("Inquiring mechanism OID for SASL name \"%s\"...\n", mech);
+ maj = gss_inquire_mech_for_saslname (&min, &sasl_mech_name,
+ &mech_type);
+ if (GSS_ERROR (maj))
+ error (EXIT_FAILURE, 0,
+ _("inquiring mechanism for SASL name (%d/%d)"), maj, min);
+ }
+
+ if (server)
+ {
+ gss_buffer_desc namebuf;
+
+ namebuf.length = strlen (server);
+ namebuf.value = (void *) server;
+
+ printf ("Importing name \"%s\"...\n", server);
+ maj = gss_import_name (&min, &namebuf, GSS_C_NT_HOSTBASED_SERVICE,
+ &servername);
+ if (GSS_ERROR (maj))
+ error (EXIT_FAILURE, 0,
+ _("could not import server name \"%s\" (%d/%d)"),
+ server, maj, min);
+ }
+
+ if (mech_type != GSS_C_NO_OID)
+ {
+ maj = gss_create_empty_oid_set (&min, &mech_types);
+ if (GSS_ERROR (maj))
+ error (EXIT_FAILURE, 0, "gss_create_empty_oid_set (%d/%d)",
+ maj, min);
+
+ maj = gss_add_oid_set_member (&min, mech_type, &mech_types);
+ if (GSS_ERROR (maj))
+ error (EXIT_FAILURE, 0, "gss_add_oid_set_member (%d/%d)",
+ maj, min);
+ }
+
+ printf ("Acquiring credentials...\n");
+ maj = gss_acquire_cred (&min, servername, 0, mech_types, GSS_C_ACCEPT,
+ &cred, NULL, NULL);
if (GSS_ERROR (maj))
error (EXIT_FAILURE, 0,
- _("could not import server name \"%s\" (%d/%d)"),
- server, maj, min);
- }
+ _("could not acquire server credentials (%d/%d)"), maj, min);
- maj = gss_acquire_cred (&min, servername, 0,
- GSS_C_NULL_OID_SET, GSS_C_ACCEPT,
- &cred, NULL, NULL);
- if (GSS_ERROR (maj))
- error (EXIT_FAILURE, 0,
- _("could not acquire server creentials (%d/%d)"), maj, min);
+ if (mech_type != GSS_C_NO_OID)
+ {
+ maj = gss_release_oid_set (&min, &mech_types);
+ if (GSS_ERROR (maj))
+ error (EXIT_FAILURE, 0, "gss_release_oid_set (%d/%d)", maj, min);
+ }
+ }
do
{
@@ -491,8 +554,7 @@ accept_sec_context (unsigned quiet, const char *server)
GSS_C_NO_CHANNEL_BINDINGS,
&client,
&mech_type,
- &bufdesc2,
- &ret_flags, NULL, NULL);
+ &bufdesc2, &ret_flags, NULL, NULL);
if (GSS_ERROR (maj))
error (EXIT_FAILURE, 0,
_("accepting security context failed (%d/%d)"), maj, min);
@@ -556,7 +618,8 @@ main (int argc, char *argv[])
rc = init_sec_context (args.quiet_given, args.init_sec_context_arg,
args.server_name_arg);
else if (args.accept_sec_context_given)
- rc = accept_sec_context (args.quiet_given, args.server_name_arg);
+ rc = accept_sec_context (args.quiet_given, args.accept_sec_context_arg,
+ args.server_name_arg);
else
usage (EXIT_SUCCESS);
diff --git a/src/gss.ggo b/src/gss.ggo
index c65069d..40f6391 100644
--- a/src/gss.ggo
+++ b/src/gss.ggo
@@ -22,7 +22,7 @@ purpose "Command line interface to GSS, used to explain error
codes."
option "major" m "See gss.c for doc string" long no
option "list-mechanisms" l "See gss.c for doc string" no
-option "accept-sec-context" a "See gss.c for doc string" no
+option "accept-sec-context" a "See gss.c for doc string" argoptional string no
option "init-sec-context" i "See gss.c for doc string" string no
option "server-name" n "See gss.c for doc string" string no
option "quiet" q "Silent operation" flag off
hooks/post-receive
--
GNU gss
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gss branch, scram, updated. gss-1-0-2-28-gf5db405,
Simon Josefsson <=